package com.xinzhi.controller;

import com.alibaba.fastjson.JSONObject;
import com.xinzhi.custom.QQHttpClient;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.UnsupportedEncodingException;
import java.util.UUID;

//QQ登录
@RestController
public class QQController {

    @Value("${qq.oauth.http}")
    private String http;

    /**
     * 发起请求
     *
     * @param session
     * @return
     */
    @GetMapping("/login/qq")
    public String qq(HttpSession session) throws UnsupportedEncodingException {
        //QQ互联中的回调地址
        String backUrl = http + "/index";
        //用于第三方应用防止CSRF攻击
        String uuid = UUID.randomUUID().toString().replaceAll("-", "");
        session.setAttribute("state", uuid);

        //Step1：获取Authorization Code
        String url = "https://graph.qq.com/oauth2.0/authorize?response_type=code" +
                "&client_id=" + QQHttpClient.APPID +
                "&redirect_uri=" + http +
                "&state=" + uuid;
        https://graph.qq.com/oauth2.0/authorize?response_type=code&client_id=102030054&redirect_uri=http://www.hanmh2020.work/oauth/login/qq&state=799cf5a7f4c442bc831ba19e7534d3d9
        return  url;
    }

    /**
     * QQ回调
     *
     * @param request /qq/callback
     * @return
     */
    @GetMapping("/oauth/login/qq")
    public String qqcallback(HttpServletRequest request, HttpServletResponse response) throws Exception {
        HttpSession session = request.getSession();
        //qq返回的信息
        String code = request.getParameter("code");
        String state = request.getParameter("state");

        System.out.println(code + "--" + state);


        //Step2：通过Authorization Code获取Access Token
        String url = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code" +
                "&client_id=" + QQHttpClient.APPID +
                "&client_secret=" + QQHttpClient.APPKEY +
                "&code=" + code +
                "&redirect_uri=" + http;

        String access_token = QQHttpClient.getAccessToken(url);
        System.out.println("access_token:" + access_token);

        //Step3: 获取回调后的 openid 值
        url = "https://graph.qq.com/oauth2.0/me?access_token=" + access_token;
        String openid = QQHttpClient.getOpenID(url);

        System.out.println("openid:" + openid);

        //Step4：获取QQ用户信息
        url = "https://graph.qq.com/user/get_user_info?access_token=" + access_token +
                "&oauth_consumer_key=" + QQHttpClient.APPID +
                "&openid=" + openid;

        //返回用户的信息
        JSONObject jsonObject = QQHttpClient.getUserInfo(url);

        //也可以放到Redis和mysql中，只取出了部分数据，根据自己需要取
        session.setAttribute("openid", openid);  //openid,用来唯一标识qq用户
        session.setAttribute("nickname", (String) jsonObject.get("nickname")); //QQ名
        session.setAttribute("figureurl_qq_2", (String) jsonObject.get("figureurl_qq_2")); //大小为100*100像素的QQ头像URL

        return "redirect:/success";
    }
}
